1 /* LibTomCrypt, modular cryptographic library -- Tom St Denis
3 * LibTomCrypt is a library that provides various cryptographic
4 * algorithms in a highly modular and flexible manner.
6 * The library is free for all purposes without any express
14 static int _dh_groupsize_to_keysize(int groupsize)
16 /* The strength estimates from https://tools.ietf.org/html/rfc3526#section-8
17 * We use "Estimate 2" to get an appropriate private key (exponent) size.
22 else if (groupsize <= 192) {
23 return 30; /* 1536-bit => key size 240-bit */
25 else if (groupsize <= 256) {
26 return 40; /* 2048-bit => key size 320-bit */
28 else if (groupsize <= 384) {
29 return 52; /* 3072-bit => key size 416-bit */
31 else if (groupsize <= 512) {
32 return 60; /* 4096-bit => key size 480-bit */
34 else if (groupsize <= 768) {
35 return 67; /* 6144-bit => key size 536-bit */
37 else if (groupsize <= 1024) {
38 return 77; /* 8192-bit => key size 616-bit */
45 int dh_generate_key(prng_state *prng, int wprng, dh_key *key)
48 unsigned long keysize;
49 int err, max_iterations = LTC_PK_MAX_RETRIES;
51 LTC_ARGCHK(key != NULL);
52 LTC_ARGCHK(ltc_mp.name != NULL);
55 if ((err = prng_is_valid(wprng)) != CRYPT_OK) {
59 keysize = _dh_groupsize_to_keysize(mp_unsigned_bin_size(key->prime));
61 err = CRYPT_INVALID_KEYSIZE;
66 buf = XMALLOC(keysize);
72 key->type = PK_PRIVATE;
74 /* make up random buf */
75 if (prng_descriptor[wprng].read(buf, keysize, prng) != keysize) {
76 err = CRYPT_ERROR_READPRNG;
79 /* load the x value - private key */
80 if ((err = mp_read_unsigned_bin(key->x, buf, keysize)) != CRYPT_OK) {
83 /* compute the y value - public key */
84 if ((err = mp_exptmod(key->base, key->x, key->prime, key->y)) != CRYPT_OK) {
87 err = dh_check_pubkey(key);
88 } while (err != CRYPT_OK && max_iterations-- > 0);
91 zeromem(buf, keysize);
94 if (err != CRYPT_OK) dh_free(key);
100 /* ref: $Format:%D$ */
101 /* git commit: $Format:%H$ */
102 /* commit time: $Format:%ai$ */